typosquatter / ail-typo-squatting

Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems.
https://typosquatter.github.io/ail-typo-squatting/
BSD 2-Clause "Simplified" License
81 stars 6 forks source link

New Algorithm feature requests #4

Open TiiTcHY opened 1 year ago

TiiTcHY commented 1 year ago

Hello,

Would it be possible to get the following algorithms added:

• Wrong Second Level Domain • Ordinal Number Swap • Cardinal Number Swap • Hyphenation • Combo squatting

Also possibly get detection for (vpn, account, my. E.G vpn-domain, vpn.domain, account-domain, account.domain, my.domain, my-domian)

DavidCruciani commented 1 year ago

Hello @TiiTcHY ,

TiiTcHY commented 1 year ago

Hi @DavidCruciani Thanks for the turn around on this.

Are you referring to the Combo squatting or the other suggestion?

for combo squatting i guess it would be a combo of different algo.

The other suggestion would help detect sites pretending to be a VPN/Log in page.

DavidCruciani commented 1 year ago

Hi @TiiTcHY , I was referring to the Combo squatting. If I understood correctly you want the possibility to mix different algo to generate one variation. For example: omission + wrongTld : circl.lu -> crcl.fr. Is it what you want ?

Regarding the detection: You want to know if a page contain any logging system and/or if it's about vpn login ? Do you want to identified if it's a fake too ?

TiiTcHY commented 1 year ago

Hi @DavidCruciani,

Correct regarding the combo squatting.

yes so be able to detect variations of login/vpn pages. so detect vpn-goole.co.uk myaccount.goole.co.uk/com

Also I have carried out the following analysis of other tools and compared the algorithms they use if its of any use to you. https://github.com/TiiTcHY/TypoSquat-Domain-Comparison

TiiTcHY commented 1 year ago

Hi @DavidCruciani, is there any recent changes to match the requested algorithms

DavidCruciani commented 1 year ago

Hi @TiiTcHY, We don't forget your request. We are working on a many other project but we'll soon do a new release with some changes like a new algorithm to do some combo squatting.

Hope this will not be too long for you, you can have a look on pypi-squatting to wait.

DavidCruciani commented 1 year ago

Hi @TiiTcHY, Sorry for the long wait, but here it is !!! 928ecaa0e4f6571af3232b19d1eaafb545ea3ad8 Please give a feedback of the combo functionality. Be award that this will generate a large amount of domain, and it's recommended to combine just a few algo.

Concerning the detection of vpn page, login page... It can be a better Idea to relocate the issue in https://github.com/typosquatter/ail-typo-website and add some misp-warninglists.